UK cybersecurity expert still held after Las Vegas arrest

British IT expert Marcus Hutchins, branded a hero for slowing down the WannaCry global cyberattack, during an interview in Ilfracombe, England. (Photo: AP)

LAS VEGAS (AP) — A British cybersecurity researcher has a date in federal court on Tuesday in Milwaukee, but he was still being held Monday at a U.S. lockup in Nevada, authorities said.

Marcus Hutchins, a hacker who won acclaim after helping in May to curb the spread of WannaCry ransomware during an attack that crippled thousands of computers worldwide, is at the Southern Nevada Detention Center in rural Pahrump, facility spokeswoman Kayla Gieni said.

Hutchins faces charges that he created and distributed malicious software designed to steal banking passwords. Hutchins' attorney in Las Vegas, Adrian Lobo, didn't immediately respond to telephone and email messages.

U.S. Magistrate Judge Nancy Koppe in Las Vegas set Hutchins' bail on Friday at $30,000. Koppe said she expected that he could be released Monday.

The judge decided Hutchins was not a danger to the community and isn't a risk not to appear for future court proceedings. But Koppe ordered Hutchins to surrender his passport and said Hutchins could fly to Wisconsin without identification.

It's not clear if he couldn't raise bail or if he would be transported Monday to Wisconsin in custody.

Hutchins, 23, did not enter a plea at Friday's hearing. He faces six charges dating to 2014, including conspiracy to commit computer fraud, distributing and advertising an electronic communication interception device, attempting to intercept electronic communications, and trying to access a computer without authorization. He could face decades in federal prison if he is convicted.

An indictment filed last month in Milwaukee was unsealed after Hutchins' arrest last Wednesday at McCarran International Airport in Las Vegas. Hutchins was returning home following Def Con, a convention in Las Vegas for computer security professionals, according to a friend.

The charging document says Hutchins and another defendant, whose name was redacted, conspired between July 2014 and July 2015 to advertise, sell and profit from the Kronos banking Trojan malware.

The indictment accuses Hutchins of creating the malware and enabling cybertheft by spreading a program that can infect web browsers and capture usernames and passwords.

Hutchins has support in the information-security community, where some call him a principled, ethical hacker. The Electronic Frontier Foundation, a digital civil-liberties nonprofit, was helping Hutchins obtain legal counsel. Karen Gulllo, a spokeswoman for the foundation, declined Monday to comment.

Hutchins lives with his family in the town of Ilfracombe, England, and worked out of his bedroom. His mother, Janet, called it "hugely unlikely" her son was involved in illegalities because he spends much of his time combatting malware attacks.

In May, the curly-haired computer wiz and surfing enthusiast discovered a so-called "kill switch" that slowed the unprecedented WannaCry outbreak. He then spent three days fighting the worm that crippled British hospitals and factories, government agencies, banks and other businesses around the world.

Though Hutchins had previously worked under the alias MalwareTech, cracking WannaCry led to the loss of his anonymity and propelled him to cyber stardom — including public appearances and a $10,000 prize for cracking WannaCry. He said he planned to donate the money to charity.

"I don't think I'm ever going back to the MalwareTech that everyone knew," he told The Associated Press at the time.